# This controller handles the login/logout function of the site.  
class SessionController < ApplicationController
  layout 'login'
  skip_before_filter :authenticate

  # render new.rhtml
  def new
  end

  def create
    self.current_user = User.authenticate(params[:login], params[:password])
    if logged_in?
      if params[:remember_me] == "1"
        current_user.remember_me unless current_user.remember_token?
        cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
      end
      redirect_back_or_default(session[:return_to].to_s)
      flash[:notice] = "Loggin efetuado com sucesso"
    else
      flash[:error] = "<strong>Atenção</strong>: Usuário ou senha incorreta."
      render :action => 'new'
    end
  end

  def destroy
    self.current_user.forget_me if logged_in?
    cookies.delete :auth_token
    reset_session
    flash[:notice] = "Logout com sucesso"
    redirect_back_or_default('/login')
  end
end
